sigma-rules

security-tools/sigma-rules

Fork 0

Commit Graph

Author	SHA1	Message	Date
Brent Murphy	fdf9384e4d	[Rule Tuning] Execution from Unusual Directory - Command Line (#837 ) * Update execution_from_unusual_path_cmdline.toml * lint * Update execution_from_unusual_path_cmdline.toml	2021-02-03 10:54:19 -05:00
Justin Ibarra	a0e86e20d6	[Rule Tuning] Add windows integration index to rules (#923 )	2021-01-28 20:53:57 -09:00
Samirbous	49abcd7f4d	[New Rule] Execution from unusual directory - CommandLine (#435 ) * [New Rule] Execution from unusual directory - cmdline * Update execution_from_unusual_path_cmdline.toml * Update rules/windows/execution_from_unusual_path_cmdline.toml Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com> * linted and added note as sug by JLB * note * ecs_version * fixed path * Update rules/windows/execution_from_unusual_path_cmdline.toml Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com> * Update rules/windows/execution_from_unusual_path_cmdline.toml Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com> * Update rules/windows/execution_from_unusual_path_cmdline.toml Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com> Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com> Co-authored-by: David French <56409778+threat-punter@users.noreply.github.com> Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>	2020-12-08 16:13:52 +01:00

Author

SHA1

Message

Date

Brent Murphy

fdf9384e4d

[Rule Tuning] Execution from Unusual Directory - Command Line (#837 )

* Update execution_from_unusual_path_cmdline.toml

* lint

* Update execution_from_unusual_path_cmdline.toml

2021-02-03 10:54:19 -05:00

Justin Ibarra

a0e86e20d6

[Rule Tuning] Add windows integration index to rules (#923 )

2021-01-28 20:53:57 -09:00

Samirbous

49abcd7f4d

[New Rule] Execution from unusual directory - CommandLine (#435 )

* [New Rule] Execution from unusual directory - cmdline

* Update execution_from_unusual_path_cmdline.toml

* Update rules/windows/execution_from_unusual_path_cmdline.toml

Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>

* linted and added note as sug by JLB

* note

* ecs_version

* fixed path

* Update rules/windows/execution_from_unusual_path_cmdline.toml

Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>

* Update rules/windows/execution_from_unusual_path_cmdline.toml

Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>

* Update rules/windows/execution_from_unusual_path_cmdline.toml

Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>

Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>
Co-authored-by: David French <56409778+threat-punter@users.noreply.github.com>
Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>

2020-12-08 16:13:52 +01:00

3 Commits